Come join Netskope at the AWS Community Day, Bay Area, 2019 on Friday, September 13 at the:
Computer History Museum
1401 North Shoreline Boulevard
Mountain View, CA 94043
Netskope’s Threat Research Labs will give two presentations that dive into AWS security implications around CORS and temporary tokens, the challenges they pose, and how to mitigate attacks utilizing them.
It’s a free, full-day event, where you can discuss your security initiatives and share best practices with fellow security managers and architects. For more information or to register, click here.
Title: Of CORS That's a Thing: How CORS in the Cloud Still Kills Security
Presenter: Erick Galinkin
CORS (Cross-Origin Resource Sharing) is a mechanism that uses HTTP response headers to tell the browser which cross-origin requests it may allow, selectively relaxing the same-origin policy rather than removing it. Unfortunately, CORS misconfigurations (for example, reflecting any Origin while also allowing credentials) are extremely common and have led to bugs in bitcoin exchanges, social media platforms, and even popular IDEs. In this presentation, we demonstrate how CORS misconfigurations happen, where they can occur in cloud environments, and how to prevent them.
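The pattern the abstract refers to is easiest to see side by side. The following is an added example, not code from the talk or from Netskope: three CORS policies that are commonly deployed by mistake (origin reflection, substring matching, trusting the literal "null" origin) next to a strict allowlist, plus a small model of the browser's check for credentialed responses. The allowlist and the attacker origins are constructed for the example.

```python
"""Three common CORS misconfigurations beside a strict allowlist.

Added example, not from the presentation. ALLOWED_ORIGINS and
ATTACKER_ORIGINS are constructed. Each policy_* function returns the CORS
headers a server would emit for a given Origin request header;
browser_allows_credentialed_read() models the browser's decision so the
policies can be compared on the same inputs.
"""
from typing import Callable, Dict, List, Optional

# Constructed: the only origins that should be able to make credentialed calls.
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com"}

# Constructed: origins an attacker controls or can obtain.
ATTACKER_ORIGINS = ["https://attacker.net", "https://example.com.attacker.net", "null"]


def _credentialed(origin: str) -> Dict[str, str]:
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
    }


def policy_reflect_origin(origin: Optional[str]) -> Dict[str, str]:
    """Misconfiguration: echo the request Origin and allow credentials.

    Every site on the web is now approved to read authenticated responses
    in the victim's browser.
    """
    if not origin:
        return {}
    return _credentialed(origin)


def policy_substring(origin: Optional[str]) -> Dict[str, str]:
    """Misconfiguration: substring match instead of exact match.

    'https://example.com.attacker.net' contains 'example.com' and passes.
    """
    if not origin or "example.com" not in origin:
        return {}
    return _credentialed(origin)


def policy_trust_null(origin: Optional[str]) -> Dict[str, str]:
    """Misconfiguration: also trusting the literal 'null' origin.

    Sandboxed iframes and some redirects send Origin: null, so an attacker
    can obtain it from any page they control.
    """
    if origin not in ALLOWED_ORIGINS and origin != "null":
        return {}
    return _credentialed(origin)


def policy_strict(origin: Optional[str]) -> Dict[str, str]:
    """Hardened: exact match against an allowlist; otherwise emit no
    Access-Control-* headers so the same-origin policy stays in force."""
    # Vary: Origin keeps shared caches from serving one origin's answer to another.
    headers = {"Vary": "Origin"}
    if origin in ALLOWED_ORIGINS:
        headers.update(_credentialed(origin))
    return headers


def browser_allows_credentialed_read(headers: Dict[str, str], origin: str) -> bool:
    """Model of the browser check for a response to a credentialed request:
    Access-Control-Allow-Origin must equal the page origin exactly ('*' is
    rejected when credentials are sent) and Allow-Credentials must be 'true'."""
    acao = headers.get("Access-Control-Allow-Origin")
    acac = headers.get("Access-Control-Allow-Credentials")
    return acao is not None and acao == origin and acao != "*" and acac == "true"


def audit(policy: Callable[[Optional[str]], Dict[str, str]],
          origins: List[str] = ATTACKER_ORIGINS) -> List[str]:
    """Return the origins in `origins` that `policy` lets read credentialed responses."""
    return [o for o in origins if browser_allows_credentialed_read(policy(o), o)]


if __name__ == "__main__":
    for p in (policy_reflect_origin, policy_substring, policy_trust_null, policy_strict):
        print(f"{p.__name__:24s} exposed to: {audit(p)}")
```

Running the audit shows the reflecting policy exposes every attacker origin, the substring policy exposes the lookalike subdomain, the null-trusting policy exposes the sandboxed-iframe case, and only the strict allowlist exposes none while still serving https://app.example.com. In cloud deployments the same mistake often lives not in application code but in an API gateway, CDN, or storage-bucket CORS rule, so the audit is worth running against the headers those layers actually return.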
Title: AWS Temporary Credentials: Challenges in Prevention, Detection, Mitigation
Presenter: Jenko Hwong
Cloud infrastructure is complex, which makes even seemingly straightforward topics such as Identity and Access Management (IAM) non-trivial and confusing, and therefore a source of security risk. AWS IAM provides console access and API/CLI access via long-lived access keys, but it also issues temporary security credentials (through the Security Token Service, STS), designed for short-lived, scoped access. Misuse of these temporary credentials, however, is hard to prevent, detect, and mitigate.
This talk will explore the limitations of temporary tokens, including:
– lack of visibility and management
– minimal logging
– limited remediation options
and how these limitations make attacks that use temporary tokens hard to defend against.
In addition, we will look at common defensive techniques and best practices around lockdown, provisioning, logging, and alerting to see whether they are practical and can help shift the field.
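One concrete form of the visibility and logging problem the abstract raises is that a temporary key shows up in CloudTrail only as an ASIA-prefixed accessKeyId, so tying its use back to the principal that minted it, and noticing when it is used from somewhere else, requires correlating two kinds of events. The following is an added example, not code from the talk or from Netskope: it indexes STS credential-issuing calls by the access key they returned, then flags temporary keys that are used from a different source IP than the issuing call or that have no issuing call in the logs at all. The CloudTrail records are constructed and abbreviated (field names follow the CloudTrail schema, values are made up).

```python
"""Trace AWS temporary credentials through CloudTrail and flag suspicious use.

Added example, not from the presentation. SAMPLE_LOG_LINES are constructed,
abbreviated CloudTrail records (schema field names, made-up values).
"""
import json
from typing import Dict, List, Tuple

# STS calls whose response carries a new temporary access key.
ISSUING_CALLS = {
    "AssumeRole", "AssumeRoleWithSAML", "AssumeRoleWithWebIdentity",
    "GetSessionToken", "GetFederationToken",
}

SAMPLE_LOG_LINES = [json.dumps(e) for e in [
    {  # alice mints a temporary key for the Deploy role from her workstation
        "eventTime": "2019-09-01T10:00:00Z", "eventSource": "sts.amazonaws.com",
        "eventName": "AssumeRole", "sourceIPAddress": "203.0.113.10",
        "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice",
                         "accessKeyId": "AKIAEXAMPLELONGTERM"},
        "responseElements": {"credentials": {"accessKeyId": "ASIAEXAMPLETEMP0001",
                                             "expiration": "Sep 1, 2019 11:00:00 AM"}},
    },
    {  # normal use of that key from the same address
        "eventTime": "2019-09-01T10:05:00Z", "eventSource": "s3.amazonaws.com",
        "eventName": "ListBuckets", "sourceIPAddress": "203.0.113.10",
        "userIdentity": {"type": "AssumedRole",
                         "arn": "arn:aws:sts::123456789012:assumed-role/Deploy/alice",
                         "accessKeyId": "ASIAEXAMPLETEMP0001"},
    },
    {  # same key, different address: the key has left the workstation
        "eventTime": "2019-09-01T10:20:00Z", "eventSource": "secretsmanager.amazonaws.com",
        "eventName": "GetSecretValue", "sourceIPAddress": "198.51.100.7",
        "userIdentity": {"type": "AssumedRole",
                         "arn": "arn:aws:sts::123456789012:assumed-role/Deploy/alice",
                         "accessKeyId": "ASIAEXAMPLETEMP0001"},
    },
    {  # a temporary key we never saw issued (minted elsewhere, or a logging gap)
        "eventTime": "2019-09-01T10:30:00Z", "eventSource": "ec2.amazonaws.com",
        "eventName": "DescribeInstances", "sourceIPAddress": "198.51.100.7",
        "userIdentity": {"type": "AssumedRole",
                         "arn": "arn:aws:sts::123456789012:assumed-role/Deploy/unknown",
                         "accessKeyId": "ASIAEXAMPLETEMP0002"},
    },
]]


def is_temporary_key(access_key_id: str) -> bool:
    """Long-term IAM access keys start with AKIA; STS temporary keys start with ASIA."""
    return access_key_id.startswith("ASIA")


def index_issuance(events: List[dict]) -> Dict[str, dict]:
    """Map each temporary access key to the principal, IP and time that minted it."""
    issued: Dict[str, dict] = {}
    for ev in events:
        if ev.get("eventSource") != "sts.amazonaws.com" or ev.get("eventName") not in ISSUING_CALLS:
            continue
        creds = (ev.get("responseElements") or {}).get("credentials") or {}
        key = creds.get("accessKeyId")
        if key:
            issued[key] = {
                "issuer": (ev.get("userIdentity") or {}).get("arn"),
                "ip": ev.get("sourceIPAddress"),
                "time": ev.get("eventTime"),
            }
    return issued


def find_anomalies(log_lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (accessKeyId, eventName, reason) for suspicious temporary-key use."""
    events = [json.loads(line) for line in log_lines]
    issued = index_issuance(events)
    findings: List[Tuple[str, str, str]] = []
    for ev in events:
        key = (ev.get("userIdentity") or {}).get("accessKeyId", "")
        if not is_temporary_key(key):
            continue
        origin = issued.get(key)
        if origin is None:
            findings.append((key, ev["eventName"],
                             "temporary key used but no issuing STS call seen in these logs"))
        elif ev.get("sourceIPAddress") != origin["ip"]:
            findings.append((key, ev["eventName"],
                             f"used from {ev['sourceIPAddress']} but issued to "
                             f"{origin['issuer']} from {origin['ip']} at {origin['time']}"))
    return findings


if __name__ == "__main__":
    for key, action, reason in find_anomalies(SAMPLE_LOG_LINES):
        print(f"{key} {action}: {reason}")
```

On the sample, the GetSecretValue call is flagged because ASIAEXAMPLETEMP0001 moved to a new address after being issued to alice, and DescribeInstances is flagged because ASIAEXAMPLETEMP0002 was never seen being issued. The second finding is exactly the visibility gap the talk describes: a key minted in another account, through a role chain, or before the trail was enabled looks identical to a stolen one. Both checks are heuristics (mobile and NAT users change addresses legitimately, and CloudTrail delivery lag can reorder events), and remediation is likewise limited: the issued key cannot be deleted, only denied by changing the role's policy, for example with a condition on the token's issue time, or by letting it expire.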